diff --git a/wildduck/mongodb-support.yml b/wildduck/mongodb-support.yml
deleted file mode 120000
index e834dd2..0000000
--- a/wildduck/mongodb-support.yml
+++ /dev/null
@@ -1 +0,0 @@
-../mongodb-operator/mongodb-support.yml
\ No newline at end of file
diff --git a/wildduck/mongodb-support.yml b/wildduck/mongodb-support.yml
new file mode 100644
index 0000000..1d52732
--- /dev/null
+++ b/wildduck/mongodb-support.yml
@@ -0,0 +1,130 @@
+# This file was a symlink to ../mongodb-operator/mongodb-support.yml before ArgoCD config drift
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: mongodb-kubernetes-operator
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - services
+  - configmaps
+  - secrets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - statefulsets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - mongodbcommunity.mongodb.com
+  resources:
+  - mongodbcommunity
+  - mongodbcommunity/status
+  - mongodbcommunity/spec
+  - mongodbcommunity/finalizers
+  verbs:
+  - get
+  - patch
+  - list
+  - update
+  - watch
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: mongodb-kubernetes-operator
+subjects:
+- kind: ServiceAccount
+  name: mongodb-kubernetes-operator
+roleRef:
+  kind: Role
+  name: mongodb-kubernetes-operator
+  apiGroup: rbac.authorization.k8s.io
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: mongodb-database
+subjects:
+- kind: ServiceAccount
+  name: mongodb-database
+roleRef:
+  kind: Role
+  name: mongodb-database
+  apiGroup: rbac.authorization.k8s.io
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: mongodb-database
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - secrets
+    verbs:
+      - get
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - patch
+      - delete
+      - get
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: mongodb-kubernetes-operator
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: mongodb-database
+# ---
+# Commented out by argocd config drift
+#
+# # Allow any pod  in this namespace to connect to MongoDB and
+# # allow cluster members to talk to eachother
+# apiVersion: networking.k8s.io/v1
+# kind: NetworkPolicy
+# metadata:
+#   name: mongodb-operator
+# spec:
+#   podSelector:
+#     matchLabels:
+#       app: mongodb-svc
+#   policyTypes:
+#   - Ingress
+#   - Egress
+#   ingress:
+#     - from:
+#       - podSelector: {}
+#       ports:
+#       - port: 27017
+#   egress:
+#     - to:
+#       - podSelector:
+#           matchLabels:
+#             app: mongodb-svc
+#       ports:
+#       - port: 27017
diff --git a/wildduck/webmail.yaml b/wildduck/webmail.yaml
index dbd1b9d..45f1bcc 100644
--- a/wildduck/webmail.yaml
+++ b/wildduck/webmail.yaml
@@ -1,11 +1,13 @@
----
-apiVersion: codemowers.cloud/v1beta1
-kind: RedisClaim
-metadata:
-  name: webmail
-spec:
-  class: ephemeral
-  capacity: 100Mi
+# ---
+# Commented out by argocd config drift
+#
+# apiVersion: codemowers.cloud/v1beta1
+# kind: RedisClaim
+# metadata:
+#   name: webmail
+# spec:
+#   class: ephemeral
+#   capacity: 100Mi
 ---
 apiVersion: codemowers.cloud/v1beta1
 kind: OIDCMiddlewareClient
@@ -154,7 +156,7 @@ spec:
     regex: ^https://webmail.k-space.ee/$
     replacement: https://webmail.k-space.ee/webmail/
     permanent: false
----
+# ---
 # apiVersion: networking.k8s.io/v1
 # kind: NetworkPolicy
 # metadata: